CNNVD-202512-4056 Information

CNNVD ID

CNNVD-202512-4056

Related CVE

CVE-2025-14414

• CNNVD Published: 2025-12-23

Description (Chinese)

Soda PDF Desktop是加拿大Soda公司的一个全功能PDF编辑软件。 Soda PDF Desktop存在安全漏洞，该漏洞源于处理Word文件时允许执行危险脚本而缺少用户警告，可能导致远程代码执行。

Description (English)

Soda PDF Desktop is a full-purpose PDF editing software for Soda Canada. There is a security loophole in Soda PDF Desktop, which stems from the lack of user warning when processing Word files to allow the execution of dangerous scripts, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Soda

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-1087/